我們讓nginx作爲反向代理坐在獨角獸的Rails應用前面。Nginx代理服務器SSL請求超過5秒的https請求中的破管
我們沒有覆蓋任何超時默認值。
我的問題是:
請求一個頁面,通過HTTP花費超過5秒。當它工作正常。
當請求一個超過httpS超過5秒的特定頁面時,我得到一個324(服務器的空響應) 在系統上請求任何其他頁面時,它只能通過https工作。
我可以確認這是一個計時問題,因爲我剝離了模板,並將睡眠模式設置爲6,以使模板等待呈現空白。
該請求有幾個subrequests js和css,這些單獨調用時工作正常。
nginx錯誤日誌在出現問題url時顯示套接字讀取錯誤。
當HTTP做模板渲染和子請求,
當在HTTPS失敗的URL,它發送請求上游兩次但死在那裏,不發送子請求。 (導軌應用聲稱它呈現它確定)
奇怪的是,它發送的原始請求兩次至上游, 然後死,
日誌和配置文件如下,
NGINX錯誤日誌(僅在HTTPS上讀取需要很長時間渲染的特定網址時):
2012/11/06 15:05:00 [info] 5717#0:* 4012 SSL_write()failed(SSL :) (32:斷管),同時讀取上游,客戶:10.2.20.98,ser ver:cloud.zia4buildings.com,請求:「GET/admin/datasets HTTP/1.1」,上游:「http://127.0.0.1:3000/admin/datasets」,主機:「cloud.zia4buildings.com」,引用者:「https://cloud.zia4buildings.com/admin/sage_categories」
2012/11/06 15:05:03 [info] 5717#0:* 4027 SSL_write()失敗(SSL :)(32:當讀取上游時,客戶端:10.2.20.98,服務器:cloud.zia4buildings.com,請求:「GET/admin/datasets HTTP/1.1」,上游:「http://127.0.0.1:3000/admin/datasets 」主機 「cloud.zia4buildings.com」,引薦: 「https://cloud.zia4buildings.com/admin/sage_categories」
[編輯] 問題是超時在https代理通, if我在任何頁面(甚至是一個超輕的頁面)中投入6秒睡眠,然後https請求失敗。
**APPLICATION LOGS:**
(my comments in (-- --)
**HTTP:**
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:19:40 -0700
Processing by Admin::DatasetsController#index as HTML
(-- lots of these ok --)
Rendered admin/datasets/_dataset.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (5.4ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (4.1ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5694.0ms)
Completed 200 OK in 5704ms (Views: 5171.9ms | ActiveRecord: 531.4ms)
Started GET "/stylesheets/dyn_stylesheets/dynamic.css" for 127.0.0.1 at 2012-11-06 09:15:31 -0700
Processing by DynStylesheetsController#index as CSS
Parameters: {"id"=>"dynamic"}
Exist fragment? views/rating_system_css_colors (1.4ms)
Read fragment views/rating_system_css_colors (0.1ms)
Exist fragment? views/leed_category_css_colors (0.4ms)
Read fragment views/leed_category_css_colors (0.0ms)
Exist fragment? views/sage_category_css_colors (0.3ms)
Read fragment views/sage_category_css_colors (0.0ms)
Exist fragment? views/node_css_colors (3.3ms)
Read fragment views/node_css_colors (0.0ms)
Rendered dyn_stylesheets/dynamic.css.erb (9.8ms)
Completed 200 OK in 17ms (Views: 12.1ms | ActiveRecord: 4.0ms)
(-- EOF HTTP success request --)
**HTTPS:**
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:20:44 -0700
Processing by Admin::DatasetsController#index as HTML
Rendered admin/datasets/_set_field.html.erb (15.8ms)
(-- lots of these ok --)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (3.0ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5973.3ms)
Completed 200 OK in 5982ms (Views: 5419.4ms | ActiveRecord: 561.5ms)
(-- (here starts a second, identical request without no apparent reason) --)
Started GET "/admin/datasets" for 127.0.0.1 at 2012-11-06 09:20:47 -0700
Processing by Admin::DatasetsController#index as HTML
Rendered admin/datasets/_set_field.html.erb (15.9ms)
Rendered admin/datasets/_set_field.html.erb (0.5ms)
(-- lots of these ok --)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered admin/datasets/_dataset_category.html.erb (0.0ms)
Rendered layouts/_admin_links.html.erb (4.1ms)
Rendered admin/datasets/index.html.erb within layouts/admin (5944.9ms)
Completed 200 OK in 5955ms (Views: 5419.8ms | ActiveRecord: 549.8ms)
(-- here the browser gets the error 324, empty response --)
CONF:
這是典型的配置:
upstream unicorn_server {
# this socket is set up on the config/unicorn.rb file
server unix:/home/sage/apps/sage/production/shared/.unicorn.sock;
}
server {
listen 80;
root /home/sage/apps/sage/production/current/public;
location/{
proxy_set_header X-Forwarded-For $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://unicorn_server;
break;
}
}
}
server {
listen localhost:443;
listen 10.2.20.84:443;
ssl on;
ssl_certificate /etc/ssl/certs/cert.chained.crt;
ssl_certificate_key /etc/ssl/certs/cert.com.key;
root /home/sage/apps/sage/production/current/public;
location/{
proxy_set_header X-Forwarded-For $scheme;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://unicorn_server;
break;
}
}
}
在正確的方向指針的任何大加讚賞,
謝謝!